[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [MirageOS-devel] vchan hackers wanted for mirage-entropy

On 21 Nov 2014, at 10:30, Hannes Mehnert <hannes@xxxxxxxxxxx> wrote:
> While this is better than the current implementation (which uses
> OCaml's Random, which on Xen is seeded very deterministic if I
> understand that code correctly
> https://github.com/ocaml/ocaml/blob/638a953bcf61678307fa5d0e1a969aaaf3f1ab20/byterun/sys.c#L364),
> it is too easy to get it wrong (running the same unikernel image
> several times with the same seed) that I don't feel comfortable to
> ship mirage(-tls) with that.

Bear in mind that we need some sort of a non-vchan solution for
existing VMs even when the vchan solution does work, to cope with
existing cloud providers.

We just need to augment the one-time-pad here with some more 
Xen-specific environmental sources.  There may be some inspiration


Another alternative we could do in the short-term is just to pass
the 16 bytes-every-10-minutes directly via Xenstore instead of a
full-blown Vchan.  This would just require a daemon in dom0 to be
run that does this.  The paper above also notes that the Xenstore
hooks are useful to reinject fresh entropy upon suspend/resume,
which couldn't be done easily in a pure vchan solution.

MirageOS-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.